The period when online threats were unknown and a simple password sufficed to secure your accounts is a thing of the past. In today’s digital age, an account without two-factor authentication (2FA) is deemed vulnerable. Numerous authentication apps exist, with Google Authenticator standing out among them. Here’s an overview of its importance and functionality.
Why is two-factor authentication necessary?
In 2024, cybersecurity reached a new low with over 40 billion records exposed in data breaches. A large portion of these records consisted of stolen passwords that found their way to the dark web. As highlighted in our study on the dark web, cyber-criminals can profit substantially from selling your stolen data. Relying solely on passwords to secure your accounts leaves you susceptible to risks. Cyber adversaries can purchase a compilation of leaked or stolen credentials, and if yours are among them, they could gain control of your accounts. With 2FA activated, the likelihood of your accounts being compromised decreases significantly. Two-factor authentication requires you to verify your identity via a text message, token, or app, in addition to entering your password. While tokens and text messages have lost their trustworthiness over time, authentication apps are now regarded as the safest method for identity verification. Microsoft Authenticator, Authy, and Duo Mobile are some of the renowned names in the authentication market. However, our focus here is on Google Authenticator.
How does Google Authenticator function?
When you activate two-factor authentication for an account you wish to secure with Google Authenticator, the app generates a six-digit code for you to input during login. The code refreshes every 30 seconds for security purposes, leaving you with a limited window to enter it. The app is compatible with both Android and iOS. Google Authenticator can be used to set up two-factor authentication for widely used services like Gmail, Instagram, Facebook, Twitter, and LinkedIn. Upon opening the app, you can view all the services linked to your Google Authenticator account. The app also facilitates the transfer of your linked accounts from your old smartphone to a new one, eliminating the need to start from scratch.
Is Google Authenticator Secure?
Google Authenticator is generally regarded as a secure application. Nonetheless, two-factor authentication isn’t a cure-all for security issues, and one should be aware of Google Authenticator’s limitations when using it. The app doesn’t have password protection, so if your phone is stolen, the thieves can access your codes without any extra steps. While this is unlikely to happen to an average person, high-net-worth individuals might be more susceptible to targeted attacks.
How to Link an Account to Google Authenticator
Before you start setting up Google Authenticator, navigate to the security settings of the service you wish to secure with 2FA. You’ll need to find a QR code or a key for later use with Authenticator.
- Download Google Authenticator from the App Store or Play Store.
- Launch the app and select “Get started.”
- Choose “Scan a QR code” or “Enter a setup key.”
- Scan or input the code given by your service provider.
- Your account should now appear in your app. To add more accounts, click on the plus icon.
How to Move Codes to a New Phone
On your old phone:
- Launch the Google Authenticator app and click on the three dots in the top right corner.
- Choose “Transfer accounts.”
- Click on “Export accounts” and then verify your identity.
- Pick the account you want to move and click “Next.” Your phone will display a QR code for scanning with your new device.
On your new phone:
- Open the Google Authenticator app and select “Get started.”
- Click on “Import existing accounts?” in your app.
- Choose “Scan QR code” and then scan the code shown by your old phone. And you’re done.
Reliable Methods to Safeguard Google Authenticator
Google Authenticator, unfortunately, lacks a backup feature in case your smartphone is lost or damaged. This implies that you won’t be able to access your accounts when signing in from an unfamiliar device or browser. However, there are three alternative solutions that could prevent future difficulties.
Duplicate Backup Codes
A majority of platforms that support 2FA also supply users with backup codes. If Google Authenticator is unable to verify your identity, these codes can be used to confirm who you are. This method is only effective if you have previously duplicated the backup codes and stored them for emergencies. If you utilize 2FA across multiple platforms, duplicating each code can be cumbersome. Storing these codes on your computer or printing them out is not recommended for optimal cybersecurity. A more secure alternative is to keep them in a protected file vault, such as NordLocker.
Preserve Google Authenticator QR Code
During the setup process of Google Authenticator, you have the option to capture a screenshot of the QR code. It’s crucial to use NordLocker or a similar encryption service to protect it from unauthorized access. It’s not advisable to store this QR code in your email, notes, or image gallery.
Employ a Programmable Token
Programmable tokens function similarly to authentication apps: they display a code that you must input to verify your identity. While tokens offer more security than the previously mentioned methods, obtaining and programming a token requires additional effort. Several authentication apps, such as Authy, provide cloud backup, simplifying the process of code recovery.
Addressing Common Problems with 2-Step Verification
Misplaced or Stolen Device
Google’s advice for you: Log out from the misplaced or stolen device. Modify your Google Account’s password.
There are multiple methods to regain access to your account, depending on your situation.
Utilize backup solutions Log in from a device you trust Acquire a new phone from your service provider Retrieve your account
Enforce a security key as your secondary step
If you activate 2-Step Verification and log in on a compatible phone, you can receive Google prompts. To set a security key as your mandatory second step, register for Advanced Protection.
Cancel lost backup codes
If your backup codes are lost, you can invalidate them and generate new ones.
- Navigate to the 2-Step Verification area of your Google Account.
- Choose Show codes.
- Choose Get new codes.
You didn’t receive a verification code
- You may have been sent a Google prompt instead. Understand why we suggest Google prompts over text message (SMS) verification codes.
- If we detect an anomaly in your sign-in process, like your location, you may not be able to receive a verification code via text message.
- If a text message containing a verification code was dispatched to your phone, ensure your service plan and mobile device are capable of receiving text messages.
- Delivery speed and availability can differ based on location and service provider.
- Ensure you have a sufficient internet connection when you attempt to retrieve your codes.
- If you receive a voice call with a verification code sent to your phone, you’ll get a voicemail if:
- You’re unable to answer the call.
- Your internet connection is insufficient.
Note: If you requested multiple verification codes, only the most recent one is valid.
My Google Authenticator codes are not functioning
This could be due to the time on your Google Authenticator app not being synchronized correctly. To adjust the time:
- On your Android device, navigate to the main menu of the Google Authenticator app.
- Tap More Settings Time correction for codes Sync now. On the subsequent screen, the app will confirm that the time has been synchronized. You should now be able to log in. The synchronization will only affect the internal time of your Google Authenticator app and will not modify your device’s Date & Time settings.
After enabling 2-Step Verification, an application may stop functioning
Upon activating 2-Step Verification, re-login might be required for certain applications. Hint: If you’re unable to access an application post the activation of 2-Step Verification, an App Password might be necessary.
Reasons to avoid using Google Voice for receiving verification codes
Utilizing Google Voice for receiving verification codes could potentially result in account lockout. For instance, if you log out from your Google Voice application, a verification code might be required to log back in. However, as it’s delivered to your Google Voice, you won’t be able to access the code.
Accounts associated with work, educational institutions, or other organizations
If you’re using an account linked to your workplace, educational institution, or any other group that’s safeguarded by 2-Step Verification, and you’re unable to log in, you can: Utilize backup alternatives. Reach out to your administrator.
Inability to use a second step for logging in
Employ a device that you’ve marked as trusted and proceed to account recovery. Unable to log in to my backup phone with text messages This issue can arise when there’s a change in your sign-in method, such as your location. You might need to switch to your primary phone, or another trusted device, to log in to your backup phone.
conclusion
In concluson here is a short story about Google Authenticator and how it saved the life of a person:
Dave was a hacker who loved to break into people’s accounts and steal their data. He had a list of targets that he wanted to hack, and one of them was Alice, a famous blogger. Dave tried to guess Alice’s password, but he failed. He then tried to use a phishing email to trick Alice into giving him her password, but Alice was smart and ignored it. Dave was frustrated and decided to try one last thing: he hacked into Alice’s phone and installed a spyware app that could record her screen and keystrokes.
Dave waited for Alice to log into her Google account, hoping to capture her password. He saw Alice open the Google Authenticator app on her phone and enter a six-digit code. Dave quickly copied the code and entered it on his computer, hoping to access Alice’s account. But he was too late. The code had expired and Google asked for a new one. Dave realized that Alice was using two-factor authentication, a security feature that required both her password and a code from the app to log in. Dave was out of luck and gave up on hacking Alice.
Alice, meanwhile, had no idea that Dave was trying to hack her. She was busy writing a blog post about how Google Authenticator had saved her life. She explained that she had been kidnapped by a gang of criminals who wanted to ransom her for money. They had taken her phone and tried to access her bank account, but they couldn’t because they didn’t have the code from the app. Alice had managed to escape from the kidnappers and call the police, thanks to Google Authenticator. She praised the app for being easy to use and secure, and urged her readers to enable two-factor authentication on their accounts.
Alice’s blog post went viral and many people thanked her for sharing her story. Dave saw the post and felt ashamed of himself. He decided to stop hacking and start using Google Authenticator himself, hoping to protect his own accounts from other hackers.